We need to investigate more on how a windows OCI container image is composed to support scanning for vulnerabilities in them.